The more complex your organization, the more value you gain from visibility, control, and efficiency in firewall management. McAfee includes powerful, easy-to-use management software with every McAfee® Firewall Enterprise to help you know who is doing what and when, and be confident that firewall activities are not getting in the way of business. Optional McAfee Firewall Enterprise Control Center and McAfee ePolicy Orchestrator® (McAfee ePO™) software share information to minimize the complexity and compliance challenges of enterprise and multitenant installations. Available appliances ensure that protection and troubleshooting scale without impairing network traffic.

Next-generation firewalls allow IT to permit safe, liberal use of social media and web applications while retaining visibility and fine-grained policy control for compliance. However, as organizations introduce more security—such as identity- and application-aware rules, content inspection, antivirus (AV), and intrusion prevention system (IPS)—these overlays can add complexity to firewall management unless firewall administrators also adopt more efficient management processes and tools.

With conventional firewalls, management has been the largest factor in the cost of ownership. Routine tasks consume endless hours. When there’s a network outage, teams frantically piece together what happened, often striving to simply prove the firewall was not at fault.

As organizations take advantage of the security controls in next-generation firewalls, integrated tools and automation should reduce rule-set complexity and streamline incident response. Our McAfee firewall management solutions can help ensure your next-generation policy enforcement controls have the appropriate impact on your network, enabling valuable business services without hindering users or overwhelming operations.

Highlights

See the “Who” On Your Network

McAfee firewalls leverage McAfee Logon Collector, which simplifies discovery, logon, and authentication processes across all McAfee firewall management tools as well as McAfee Data Loss Prevention. This non-invasive process maps IP addresses to users for all types of traffic to enable user-based policies without requiring the user to authenticate to the firewall or use a protocol that supports authentication.

- Quickly discover who is using which application and check authentication status.
- Enforce user-based access control policies without a separate authentication step.
- Leverage users and groups in your Microsoft Active Directory.
- Enforce additional active authentication for users not logged in to the domain.
- Authenticate using captive portal, NTLM, RADIUS, LDAP, and Active Directory.

McAfee Firewall Enterprise Control Center Advantages

- Quickly search for rules and objects to reuse in existing or new firewalls.
- Define packet filtering and application-layer rules quickly and efficiently in a graphical, object-based environment.
- Use wizards to reduce the size and complexity of your rule base, reduce overlaps and duplications, and simplify common tasks like VPN deployments.
- Receive, consolidate, and display customized alerts from managed firewalls through a secure channel.
- Validate policy consistency and understand rule interactions prior to distribution.
- Import firewall configurations, make changes, and then export back to all devices, saving significant time and effort.
- Back up and restore firewall configurations to recover from configuration errors, or replicate a trusted configuration on a new system quickly and easily.
- Control individual or groups of firewalls by re-initializing the network or rebooting.
- Cost-effectively manage multiple entries, organizations, or configuration domains (for managed services).
- Track all user actions in a session by associating them with a change ticket.
- Support audit and regulatory compliance by viewing all changes in the audit trail with the change ticket number.
- Automatically update all firewalls with the latest software releases and patches.
- Right-click on a firewall in McAfee Firewall Enterprise Control Center and launch immediate command line access via SSH.

Available as a Virtual or Dedicated Appliance

A virtual Firewall Enterprise Profiler is included with every McAfee Firewall Enterprise product. In addition, many customers choose to purchase our dedicated Profiler appliance running on McAfee Linux. By operating on a dedicated appliance, out of band, the McAfee Firewall Enterprise Profiler can handle larger data sets, display real-time events, run troubleshooting queries, and let you explore rule sets without affecting ongoing firewall or network performance.

- Create “domains” or “zones” that act as separate McAfee Firewall Enterprise Control Center instances—administrators only see the firewall and policies for their particular customer or entity.
- Separate configurations for several enterprises and hide information about an enterprise from administrators of other enterprises.
- Keep configuration simple and save time and effort with common rule objects; cross-enterprise policy objects can still be shared or reused by all domains.
- Role-based access control helps enforce change-control policies.

Profiler Advantages

- Profiler features a next-generation web UI viewable from any web-enabled device, or from within Control Center to integrate monitoring with other workflows and assist incident response.
- McAfee ePO platform integration allows the opening of tickets and other actions based on changing behaviors sent from McAfee Firewall Enterprise Profiler.
- Visualization of all firewall actions in terms of who/what/where improves diagnosis and provides guidance into needed rule changes.
- Correlates 30 days' worth of firewall actions to network users and roles in real time to quickly validate impact of changes.
- On-demand access to McAfee ePO platform asset directory confirms that the right countermeasures are active on a host, such as AV and endpoint encryption.
- Identify root cause categorizations for denied traffic.
- Pulls firewall policy and rule objects to show the details of the rule and also provides reports in terms of firewall policy objects.
- Timeframe comparison and prioritized visualization for detecting important changes in access patterns.
- Create reporting objects to improve or focus analysis in particular areas of the network.
- Use graphical reports to convey situational awareness, threats by geographic location, applications traversing the firewall, and other information to those who need to know.
- Can be deployed quickly and leverages existing network devices and infrastructures.
- Intercepts login authentications without host agents or additional inline devices.
- Enables trending and analysis without manually intensive, after-the-fact log collection and review.